rsync 备份备忘

一、rsync 基本介绍

rsync 是类 unix 系统下的数据镜像备份工具,从软件的命名上就可以看出来了—— remote sync。它的特性如下:

在使用 rsync 进行远程同步时,可以使用两种方式:远程 Shell 方式(用户验证由 ssh 负责)和 C/S 方式(即客户连接远程 rsync 服务器,用户验证由 rsync 服务器负责)。

无论本地同步目录还是远程同步数据,首次运行时将会把全部文件拷贝一次,以后再运行时将只拷贝有变化的文件(对于新文件)或文件的变化部分(对于原有文件)。

二、rsync 选项

Usage: rsync [OPTION]... SRC [SRC]... DEST
  or   rsync [OPTION]... SRC [SRC]... [USER@]HOST:DEST
  or   rsync [OPTION]... SRC [SRC]... [USER@]HOST::DEST
  or   rsync [OPTION]... SRC [SRC]... rsync://[USER@]HOST[:PORT]/DEST
  or   rsync [OPTION]... [USER@]HOST:SRC [DEST]
  or   rsync [OPTION]... [USER@]HOST::SRC [DEST]
  or   rsync [OPTION]... rsync://[USER@]HOST[:PORT]/SRC [DEST]
The ':' usages connect via remote shell, while '::' & 'rsync://' usages connect
to an rsync daemon, and require SRC or DEST to start with a module name.

注: 在指定复制源时,路径是否有最后的 “/” 有不同的含义,例如:

2.1、常用选项

三、远程 Shell 方式

rsync [OPTION]... SRC [SRC]... [USER@]HOST:DEST # 执行“推”操作
or   rsync [OPTION]... [USER@]HOST:SRC [DEST]   # 执行“拉”操作

四、rsync C/S 方式

rsync [OPTION]... SRC [SRC]... [USER@]HOST::DEST                    # 执行“推”操作
or   rsync [OPTION]... SRC [SRC]... rsync://[USER@]HOST[:PORT]/DEST # 执行“推”操作
or   rsync [OPTION]... [USER@]HOST::SRC [DEST]                      # 执行“拉”操作
or   rsync [OPTION]... rsync://[USER@]HOST[:PORT]/SRC [DEST]        # 执行“拉”操作

C/S 方式需要配置服务端,下面是一个配置文件示例:

# /etc/rsyncd.conf

uid = root
gid = root
use chroot = yes

[bak-data]
    path = /data/
    comment = data backup
    numeric ids = yes
    read only = yes
    list = no
    auth users = data
    filter = merge /etc/.data-filter  # 过滤规则
    secrets file = /etc/rsync-secret
    hosts allow = 192.168.80.0/24 172.16.0.10

[bak-home]
    path = /home/
    comment = home backup
    numeric ids = yes
    read only = yes
    list = no
    auth users = home,test
    exclude = .svn .git
    secrets file = /etc/rsync-secret
    hosts allow = 192.168.80.0/24 172.16.0.10

密码文件和 filter 文件内容如下:

# cat /etc/rsync-secret
data:123321
home:123456
test:654321
# chmod 600 /etc/rsync-secret
# cat /etc/.data-filter     # 关于 filter 的规则文件需要多测试才能彻底明白
+ mysql56/***
- *
# 以上规则表示匹配所有 mysql56 目录下的内容,其它都不同步

关于filter的匹配规则可以参考man手册

  filter
  The daemon has its own filter chain that determines what files it will let the client access. This chain is not sent to the client and is independent of any filters the client may have specified. Files excluded by the daemon filter chain (daemon-excluded files) are treated as non-existent if the client tries to pull them, are skipped with an error message if the client tries to push them (triggering exit code 23), and are never deleted from the module. You can use daemon filters to prevent clients from downloading or tampering with private administrative files, such as files you may add to support uid/gid name translations.

  The daemon filter chain is built from the "filter", "include from", "include", "exclude from", and "exclude" parameters, in that order of priority. Anchored patterns are anchored at the root of the module. To prevent access to an entire subtree, for example, "/secret", you must exclude everything in the subtree; the easiest way to do this is with a triple-star pattern like "/secret/***".

  The "filter" parameter takes a space-separated list of daemon filter rules, though it is smart enough to know not to split a token at an internal space in a rule (e.g. "- /foo - /bar" is parsed as two rules). You may specify one or more merge-file rules using the normal syntax. Only one "filter" parameter can apply to a given module in the config file, so put all the rules you want in a single parameter. Note that per-directory merge-file rules do not provide as much protection as global rules, but they can be used to make --delete work better during a client download operation if the per-dir merge files are included in the transfer and the client requests that they be used.

五、一些命令

5.1、常用命令

RSYNC_PASSWORD=123321 rsync -havAEHXi -n --numeric-ids --delete --stats --progress [SRC] [DEST]

注: 如果有稀疏文件,则添加 -S 选项可以提升传输性能。

5.2、ssh 端口非默认 22 同步

使用 ssh 方式传输时如果连接服务器 ssh 端口非标准,则需要通过 -e 选项指定:

RSYNC_PASSWORD=123321 rsync -havAEHXi -n --numeric-ids --delete --stats --progress -e "ssh -p 22222" [USER@]HOST:SRC [DEST]

5.3、查看服务器同步资源

RSYNC_PASSWORD=123321 rsync --list-only data@192.168.80.150::bak-data
或
RSYNC_PASSWORD=123321 rsync --list-only rsync://data@192.168.80.150/bak-data

六、参考文档

–EOF–

Written by kumu on 09 January 2015